On Thursday 25 January 2007 15:59, Judy Angel wrote:
> We have noticed a significant amount of spam that is included in .gif
> attachments but is not caught by the spam filters. The policy is to deliver
> spam, but tag the Subject line.
>
> We run Exim, MailScanner, SpamAssassin, Sophos. I understand that FuzzyOCR
> can add value but there are many dependencies for that installation. I am
> interested to hear how other sites deal with such attachments.
exim.org simply does this in the acl_smtp_mime ACL:
deny message = Messages with embedded images are not allowed
condition = ${if match{$mime_content_type}{^image/}}
condition = ${if def:mime_content_id}
but you might want to accept *some* mail with embedded images. Giving many SA
points to multipart/related achieves approximately the same:
header MPART_RELATED Content-Type =~ /\s*multipart\/related\b/i
describe MPART_RELATED We don't care much for multipart/related here
score MPART_RELATED 3
SARE has some better rules. Search the archive of the users@???
list.
--
Magnus Holmgren holmgren@???
(No Cc of list mail needed, thanks)
"Exim is better at being younger, whereas sendmail is better for
Scrabble (50 point bonus for clearing your rack)" -- Dave Evans
%22%20--%20Dave%20Evans%0A>%20 "Répondre à ce message")